Meaner Code Red worm appears in Asia
Meaner Code Red worm appears in Asia
BEIJING (Reuters): A meaner version of the Code Red Internet worm has made its first appearance in Asia, infesting dozens of computers in China, security experts said on Tuesday.
South Korea was trying to determine whether it was this pernicious worm which had attacked government computers and Hong Kong also reported at least one confirmed infection.
China's Ministry of Public Security issued a national alert to police urging swift action to prevent the spread of the Code Red II worm, which can rig computers to attack others as well as expose information, such as credit card numbers, they store.
"We've discovered that computer systems at some work units and government departments have been infected with this virus, disturbing normal working conditions," said the statement seen by Reuters.
"The situation is beginning to move more quickly and spread more widely this week," said a technical support manager at Beijing Rising Technology Corp, a virus protection company.
South Korea reported its first Code Red outbreak as servers at a cluster of government offices were hit, sparking a shutdown of some systems to prevent it spreading further.
The computer worm froze a computer network linking government offices in Taejon, about 140 km (85 miles) south of Seoul, the Ministry of Government Administration and Home Affairs said.
It was not immediately clear whether it was the more pernicious variant, discovered on Saturday, of the Code Red worm which first struck last month, a ministry official said.
Offices of the Korea Forestry Service, Cultural Properties Administration and Industry Property Office were affected.
The official said Internet links between the offices and government offices in Seoul were severed to try to prevent the worm from spreading.
In Hong Kong, a spokesman from the government-sponsored Hong Kong Computer Emergency Response Team Coordination Center (HKCERT) said it had received one report of "Code Red II" infection and three reports of attempts to sneak into computers.
He declined to say whether any government department had been affected.
The worm began showing up on Chinese computers despite claims last week that Chinese-language versions of the vulnerable operating systems were immune to the virus.
Beijing Rising Technology knew of several dozen Chinese computers which had been attacked by the Code Red II worm, including computers at universities, government agencies and large Chinese companies, the technical manager said.
It infects computers running Microsoft's Windows NT or 2000 operating systems and its Internet Information Server Web software.
Last week, some security experts said Chinese-language versions of the Microsoft operating systems were immune to the worm, but the Rising expert said it could infect computers using Chinese-language versions.
Reports in Indian newspapers last week said the Code Red worm had been traced to a computer at the University of Foshan in China's southern province of Guangdong.
But a laboratory technician who answered the phone at the university's computer department on Tuesday said he was surprised to learn of the reports because the school had been on vacation since July 6 and was being refurbished.
"All the students are on vacation and we're under construction. Even the electricity is down," said the technician, who gave his surname as Hu.
A free software patch with instructions is available at http://www.digitalisland.net/codered/. The Mercury Interactive Web is also offering free vulnerability scans for Code Red.